var express = require('express');
var router = express.Router();
var UserModel = require('../models/users');
var checkNotLogin = require('../middlewares/check').checkNotLogin;
var sha1 = require('sha1');
// GET /signin 登录页
router.get('/', function(req, res, next) {
    res.render('signin');
});

// POST /signin 用户登录
router.post('/', function(req, res, next) {
    var name = req.fields.name;
    var password = req.fields.password;
  
    UserModel.getUserByName(name)
      .then(function (user) {
        if (!user) {
          return res.redirect('back');
        }
        // 检查密码是否匹配
        if (sha1(password) !== user.password) {
          return res.redirect('back');
        }
       
        // 用户信息写入 session
        delete user.password;
        req.session.user = user;
        // 跳转到主页
        res.redirect('/posts');
      })
      .catch(next);
});

module.exports = router;